Get out of the client-control business with five forward-thinking IT strategies

The new year brings with it a fresh opportunity to turn the page on bad habits. For many, this means resolutions geared toward regaining control over areas of their lives that have too long been ignored. For IT, 2010 offers a different twist for overburdened organizations: to get out of the client-control business by embracing end-users and loosening some of the less essential IT controls.

In a world where most people use computers at home, where the Internet is a basic medium for everyone, and where younger generations often understand the latest technology better than IT does, maybe it's time for IT to shed its feudal "castle and moat" mentality and enter the 21st century of federation and globalization by giving end-users more freedom to choose the tools they use to do their jobs.

The trend is clear: As workforces become more distributed and reliant on contractors and employees who stay just a few years -- and as companies start eliminating permanent workspaces for some employees -- getting out of the client management business will become necessary for IT.

Yes, ceding control can be scary business. But if done right, loosening your grip on end-user tools can free IT to better control what actually matters: information and connectivity.

Here are five seemingly heretical resolutions that will make IT's job easier in the long run, while allowing employees to work in familiar, preferred environments that make them more productive.

IT resolution No. 1: Let employees use any PC they want. Give your end-users a budget so that if they want something really pricey they pay the difference. And if they choose something basic, let them use the leftover budget for other tech aids such as widescreen monitors or special input devices. Offer a standard option they can get preconfigured to IT's specifications. Certify IT-supported apps for Windows, Mac OS X, and Linux -- InfoWorld has heard that when employees get to choose their own computer, as many as a third choose Macs, so be ready for that choice. For example, you might certify Microsoft Office for Windows and Mac, IBM Lotus Symphony for Linux, Exchange for Windows, Apple Mail for Mac, and Evolution for Linux, and Firefox for all three platforms. Be able to support these apps in terms of their core features relevant to business use.

Those employees who opt for their own PCs get to support those PCs themselves for typical user issues such as updating the OS and apps, issues with nonstandard apps, and so on. Those who use your standard configuration get standard IT support.

Set the standards in the datacenter and in the network, such as access policies, security policies, and the like -- so the client computer doesn't need so much "touch" to operate and maintain.

When employees leave, let them buy their equipment for whatever the value is of depreciation you've not yet claimed on your corporate taxes.

What's in it for IT: Trying to control all the endpoints is a losing game. Save the effort and refocus on what you can maintain: your datacenter and network. You'll end up with better systems and more resources to create better capabilities for your business.

IT resolution No. 2: Let employees use any smartphone they want. Just as with computers, set security standards and access standards that users' smartphones must meet and offer a standard-issue option that comes with traditional IT support. Users who get their own devices get to manage them directly. Give users a monthly allowance for their smartphone spend, eliminating the need to monitor all those contracts, overuse charges, and quality-of-service issues.

If your security needs are high, install a product such as the Good for Enterprise server to support non-BlackBerry devices -- if you run BlackBerry Enterprise Server to take advantage of the BlackBerry's security capabilities, it's only fair you offer the equivalent server to support other devices.

What's in it for IT: Once again, trying to control all the endpoints is a losing game. Plus, chances are, IT's current smartphone of choice isn't the one that will significantly empower employees.

IT resoultion No. 3: Shift to Web-style apps. Wherever possible, deploy your specialty functionality through Web-based apps, whether through the intranet or over the (VPN-secured) Internet. Such apps aren't tied to specific device platforms, so you don't have to worry about vendors' or internal developers' platform choices. They also don't need local installation, so they are easier to maintain and modify.

Avoid those apps, and development platforms that produce apps, that use proprietary, platform-specific technologies, such as ActiveX; the whole idea is that you are freeing both you and your users from unnecessary dependencies. (Vendors will follow suit if you insist on not accepting their lock-in strategies.)

Some of these may be external cloud-provisioned apps -- if that sourcing option makes sense for the desired functionality.

What's in it for IT: As you move from nondependent applications, you reduce the complexity of managing them and coordinating their deployments. Think of all the effort spent to qualify apps for your current OSes and to do it all over again when you get a new PC or OS. With this resolution, that largely goes away.

IT resolution No. 4: Map out a strategy for the use of client virtualization. Anyone who has a Mac and runs Windows applications on it through Parallels Desktop or VMware Fusion knows what the future holds: Apps and user environments can exist in separate logical containers, yet work as part of a unified experience.

Being able to run "foreign" apps (the Mac users' motivation) is just the beginning: The same principles apply to separating corporate apps from personal apps, corporate data from personal data, encrypted data from unencrypted data, persistent data from temporary data, and so on. Comprising both application virtualization and desktop virtualization, this approach pushes the control and management to the datacenter, and removes all those headaches and complications on the client side -- for both IT and the user.

Citrix Systems, EMC VMware, Microsoft, and Wyse Technology are all readying interesting products in this area, so start checking them out.

What's in it for IT: More control over what really counts, and less worry about client systems.

IT resolution No. 5: Deploy collaboration platforms. As people work in more varied locations -- at an office, at home, on the road, at a client site -- the resources they share and trade need to be easily accessible. E-mail goes a long way to letting work and information flow from one person to another, but it's not ideal for many types of collaboration.

I use the term "collaboration" loosely: whatever facilitates groups to work on common projects, from basic file sharing to fancy videoconferencing systems.

Work files should be accessible through Internet-accessible servers as shared drives. A small company might use the Pogoplug appliance to accomplish that, along with Google Docs. Larger companies might use VPN-secured network servers, Microsoft SharePoint, and any of the many cloud-based collaboration tools. It doesn't matter -- the point is to make in-progress and archived work products accessible easily. (Remember: The security needs to happen primarily at the data source.)

Likewise, on-demand audio- and videoconferencing, recorded group message-based chats, wikis, shared calendars, and project status boards should all be put in place and be Internet-accessible.

What's in it for IT: Not only will IT help empower the emerging style of workforce, but as IT has to support a distributed workforce and perhaps get more distributed itself, such systems will let IT succeed in that new context as well.

InfoWorld executive editor Galen Gruman analyzes the latest issues in mobile technology and the consumerization of IT. He has also written or co-written more than 40 how-to books, on iOS, iPad, Windows 8, OS X, and desktop publishing.